❌

Reading view

How To Deploy Windows Optics: Commands, Downloads, Instructions, and Screenshots

Jordan Drysdale & Kent Ickler // TL;DR Look for links, download them. Look for GPOs, import them. Look for screenshots, for guidance. Sysmon + Windows Audit Policies + Event Collectors […]

The post How To Deploy Windows Optics: Commands, Downloads, Instructions, and Screenshots appeared first on Black Hills Information Security, Inc..

  •  

How to Avoid Holiday Shopping Scams (From a Former Cyber Detective)

Christmas is the time where we allow our imaginations to run wild, it’s the season of goodwill, high spirits and Christmas joy. However, cybercriminals don’t take holidays. We still have to be on our guard, and question what is real and what is not. Common Holiday Scams Fake Online Stores Around this time of year, […]

The post How to Avoid Holiday Shopping Scams (From a Former Cyber Detective) appeared first on Heimdal Security Blog.

  •  

What is Managed ITDR? Key Definitions, Features, and Benefits

Key takeaways: MITDR explained: Managed ITDR combines identity threat detection with expert-led response. Why it matters: Get better protection and lower costs without building a full in-house team. What to look for: Prioritize behavioral monitoring, real-time response, and expert oversight You’ve got the ITDR solution. That’s a good step towards effective account and identity-based threat […]

The post What is Managed ITDR? Key Definitions, Features, and Benefits appeared first on Heimdal Security Blog.

  •  

Cybersecurity Has a Motivation Problem

I’ve worked in cybersecurity long enough to see that our biggest challenge isn’t a technical one, it’s motivational. We can build the strongest firewalls, design the smartest detection systems, and run endless awareness campaigns, but none of it matters if people don’t want to care. That’s the uncomfortable truth; cyber security has a motivation problem. […]

The post Cybersecurity Has a Motivation Problem appeared first on Heimdal Security Blog.

  •  

Offline Memory Forensics With Volatility

Volatility is a memory forensics tool that can pull SAM hashes from a vmem file. These hashes can be used to escalate from a local user or no user to a domain user leading to further compromise.

The post Offline Memory Forensics With Volatility appeared first on Black Hills Information Security, Inc..

  •  
  •  

Webcast: Attack Tactics 7 – The Logs You Are Looking For

Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics7LogsYouAreLookingFor.pdf So we went through an attack in the BHIS Webcast, β€œAttack Tactics 5! Zero to Hero Attack.” Then we went through […]

The post Webcast: Attack Tactics 7 – The Logs You Are Looking For appeared first on Black Hills Information Security, Inc..

  •  

Podcast: Attack Tactics 6! Return of the Blue Team

Download slides:Β https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Originally recorded […]

The post Podcast: Attack Tactics 6! Return of the Blue Team appeared first on Black Hills Information Security, Inc..

πŸ’Ύ

  •  

Webcast: Attack Tactics 6! Return of the Blue Team

Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics6ReturnofBlueTeam.pdf In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed […]

The post Webcast: Attack Tactics 6! Return of the Blue Team appeared first on Black Hills Information Security, Inc..

  •  

Webcast: Attack Tactics 5 – Zero to Hero Attack

Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – […]

The post Webcast: Attack Tactics 5 – Zero to Hero Attack appeared first on Black Hills Information Security, Inc..

  •  

PODCAST: From Active Countermeasures – Attack Tactics 4

Join John Strand as he continues his Attack Tactic series this time with the defense ideas for the attacks mentioned in episode 3 (see more here) To see the entire […]

The post PODCAST: From Active Countermeasures – Attack Tactics 4 appeared first on Black Hills Information Security, Inc..

πŸ’Ύ

  •  

PODCAST: Attack Tactics Part 2

John talked about how we’d attack, here’s how you can defend against those attacks. Grab the slides here:Β https://blackhillsinformationsecurity.shootproof.com/gallery/6843799/

The post PODCAST: Attack Tactics Part 2 appeared first on Black Hills Information Security, Inc..

πŸ’Ύ

  •  

WEBCAST: Windows Memory Forensics

John Strand // In the last webcast we covered initial Windows Live Forensics (see the recording here), in this one weΒ play with memory from a compromised system. We cover the […]

The post WEBCAST: Windows Memory Forensics appeared first on Black Hills Information Security, Inc..

  •  
❌